Report - web.thechambernv.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=2287&ListingID=1424&CategoryID=1794&SubCategoryID=0&url=//mejorvision%E3%80%82com%E3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=//mejorvision%E3%80%82com%E3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=

Report Overview

Visited public
2023-12-01 10:24:45
Tags
phishing microsoft outlook
URL
web.thechambernv.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=2287&ListingID=1424&CategoryID=1794&SubCategoryID=0&url=//mejorvision%E3%80%82com%E3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=//mejorvision%E3%80%82com%E3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=
Finishing URL
agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com
IP / ASN
104.18.248.141
#13335 CLOUDFLARENET
Title
Sign in to your account
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mejorvision.com.mx	unknown	2020-03-25	2020-03-30 06:21:35	2023-11-30 22:54:36	654 B	782 B	162.241.62.131
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-01 05:09:17	908 B	58 kB	104.17.24.14
aadcdn.msftauth.net	1455	2018-10-25	2018-11-19 11:50:32	2023-11-30 18:15:26	494 B	18 kB	152.199.23.37
aadcdn.msauth.net	1421	2018-10-25	2018-11-19 11:50:03	2023-11-30 05:11:50	1.0 kB	113 kB	13.107.246.53
aadcdn.msauthimages.net	4795	2018-11-12	2019-08-14 20:34:06	2023-11-30 18:37:37	1.1 kB	273 kB	152.199.23.72
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-01 08:07:42	446 B	32 kB	142.250.74.170
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2023-12-01 05:10:15	3.2 kB	230 kB	104.17.3.184
segy.shop	unknown	2023-11-29	2023-11-30 15:40:23	2023-11-30 22:54:40	1.6 kB	48 kB	152.89.246.205
agnieszkawesecka.pl	unknown	2015-08-01	2019-06-09 06:18:06	2023-11-30 22:54:55	2.1 kB	50 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	7.5 kB	2023-11-30	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 22:54 Last Seen2024-08-20 17:17 Times Seen320 Hash c69c6fd73b6558bd75115e1f19142ece 3999fcf9b030207747715a8e474df2f02f84f7b6 af71f0bb7ddde9cf3eee892b7641eded64f41ce0ed77f8092f69240d5aa82b6f Loading...

	unknown	ScriptElement	6.5 kB	2023-11-30	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 22:55 Last Seen2024-08-20 17:17 Times Seen244 Hash 0bd6301ad4c389bacecc84e537b66dd7 2638a2b33cea3b86952bc444d313cd9aa7cd9b2c d22db56d037a22a93f0b970ad3fea0c4b467e03a8cd5516a668b8e453d53a3f1 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:44 Times Seen205882 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	ScriptElement	34 kB	2023-11-30	2023-12-14
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 14:29 Last Seen2023-12-14 14:42 Times Seen11689 Hash 8c90f391245a994ae95e644a587c8626 7bfc99336571d0ccfe38f9e1d18cb26b4adfc316 acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7 Loading...

	agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 14:57 Times Seen4655274 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3bc97404bd173b465be0f677da714c48	1.1 kB	2024-08-20 17:12	2024-08-20 17:12
Pretty Observations First Seen2024-08-20 17:12 Last Seen2024-08-20 17:12 Times Seen1 Hash 3bc97404bd173b465be0f677da714c48 b3580d4e43c967add5b1d71957ac75114cffda12 6e27990482dfceefb4b5c49524ece35bcf7a8aac209f45c63805d217235bee0b Loading...

	#2 Eval - 80cc52636935c506cac18a2967a08d28	557 B	2024-08-20 17:12	2024-08-20 17:12
Pretty Observations First Seen2024-08-20 17:12 Last Seen2024-08-20 17:12 Times Seen1 Hash 80cc52636935c506cac18a2967a08d28 5cc2f47a7182925d0276b91cc3712ea2ef04310a aa20fd75fda5630346cc0f42e74238be963f7fe512ba5a8656ba2c9be6ba56ed Loading...

	#3 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-11 14:54
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 14:54 Times Seen369077 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - d50fe447c67a515d4ba936505175a8fe	3.6 kB	2023-11-30 14:29	2024-08-20 17:20
Pretty Observations First Seen2023-11-30 14:29 Last Seen2024-08-20 17:20 Times Seen11653 Hash d50fe447c67a515d4ba936505175a8fe 78d20da444441fb45dcf61e09d9bcbc9f01502e2 7dcf7a54137031c03f28f6a33cb62b258023c5de06d504259d5ad39f16b1b85e Loading...

	#2 Write - de962e8dfaee72c7ca0379098902f4f0	30 kB	2023-11-30 22:54	2024-08-20 17:17
Pretty Observations First Seen2023-11-30 22:54 Last Seen2024-08-20 17:17 Times Seen322 Hash de962e8dfaee72c7ca0379098902f4f0 34c0d1071f6db631d91097eda504c4e0c47cccde 4a50fa0043595864a83dafe1e7d6b14e10fb7545f2ff095d0fa92ada2beebcd5 Loading...

	#3 Write - 94a7adfcb263215d1de546b35d526a42	15 kB	2024-08-20 17:12	2024-08-20 17:12
Pretty Observations First Seen2024-08-20 17:12 Last Seen2024-08-20 17:12 Times Seen1 Hash 94a7adfcb263215d1de546b35d526a42 e932dd2ba29b5cc4a388f120f9d4b394d3e0df93 296ae30f38b6752722903a21f8992c567413e971ff6f8b0962c74b8c0a39c427 Loading...

HTTP Transactions (19)

	URL	IP	Response	Size
	mejorvision.com.mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=//mejorvision%e3%80%82com%e3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=	162.241.62.131		0 B
URL mejorvision.com.mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=//mejorvision%e3%80%82com%e3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20= IP 162.241.62.131:0 ASN #46606 UNIFIEDLAYER-AS-1 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20=//mejorvision%e3%80%82com%e3%80%82mx/content/cache/oAFzroAFzr/WPpK/dG9iaWFzLndvZWxmbGVAZWlzYmVyZy5jb20= HTTP/1.1 Host: mejorvision.com.mx User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK refresh: 0;url=https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com accept-ranges: none content-length: 0 content-type: text/html; charset=UTF-8 date: Fri, 01 Dec 2023 10:24:28 GMT server: Apache X-Firefox-Spdy: h2

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	142.250.74.170	200 OK	31 kB
URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.170:443 ASN #15169 GOOGLE Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (65447) Size 31 kB (31017 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31017 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 30 Nov 2023 04:35:32 GMT expires: Fri, 29 Nov 2024 04:35:32 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Wed, 10 Mar 2021 14:28:09 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 107337 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/413091016:1701425404:UzSprzAaYRBO-X3neHC3nGUxHCS7oF_6oGGdcFJTldA/82ea9eea8eb1712f/042c3242ef5c3e0	104.17.3.184		9.1 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/413091016:1701425404:UzSprzAaYRBO-X3neHC3nGUxHCS7oF_6oGGdcFJTldA/82ea9eea8eb1712f/042c3242ef5c3e0 IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (3436), with no line terminators Size 9.1 kB (9091 bytes) Hash 12e37a8fde566b79a0feee0ab3ed2442 8c23da5b2d126b1a4a6f316ed268cf889821d22e 416107b1771ef95536dcf4994ab14260c3c6e51d01e85d6e76c21925dcd244be HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/413091016:1701425404:UzSprzAaYRBO-X3neHC3nGUxHCS7oF_6oGGdcFJTldA/82ea9eea8eb1712f/042c3242ef5c3e0 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cu91g/0x4AAAAAAANitG7_q4LMVK7c/auto/normal Content-type: application/x-www-form-urlencoded CF-Challenge: 042c3242ef5c3e0 Content-Length: 25565 Origin: https://challenges.cloudflare.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 01 Dec 2023 10:24:32 GMT content-type: text/html; charset=UTF-8 cf-chl-out: CNFjWWgzcX8kDlcqtXdCLO1SwsaSHpMwTZd9BfLNNKZY2zFGzbIT+nGy05hl+TXjAjNSMoWRbRREUvN1bGmNx/F2S/prLT+sAGpXUAkhHjrhB6SEVdQgPbzxTWxPSd8j$wisYhrxm/gK7rlyLAfqkxw== cf-chl-out-s: neKDZqAM5M4gyk63oqc9bqY6ufQXYsEz4vhxwkrcp0UT0EsJboevN64aGdE+U81GcQDhiDGnv7dirld3EXX666d0d3D9WsL2mL1Yk7pS9C7quFntPBRQDMrQku5VLGb7aNt6gORJCQnFAiQn/VV7Nuy/stv9Gh9b62mZSHiG8a/0voywZ89h6Zzf2oYMDPkCn0ielOPUnTBwQhjvWS0plx+fa6Lw4RFURTzUuvdzUetO9gLDFNj41Qg5EmfblBriiaklR+BRjvqvzRzVts58r3BKTq9CAv+d+Q17J7eiPJqaBKBjfyOh70LUHQLS9wdKPyDe5E9XIfkoJMtVraNoQw==$qDS8tHCVXfInLMZ9W6YrPA== server: cloudflare cf-ray: 82ea9ef9cd16712f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.24.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 01 Dec 2023 10:24:33 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 533971 expires: Wed, 20 Nov 2024 10:24:33 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7O0c6T3jkCSTMV%2Bz5mf8vABkI9eFVNWveMhb1VnRyBWGl3IOccRLCEprcoX1D8qsV18olbTalY%2Bdvt7q5QC2TtnfJGiSSFKC5EAhS6UvWFGnnxt2MrmDJ5TEKOc6wpJs%2FIC4ojZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 82ea9f01dee77129-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	segy.shop/api/validate	152.89.246.205	204 No Content	0 B
URL OPTIONS HTTP/1.1 segy.shop/api/validate IP 152.89.246.205:443 ASN #30823 combahton GmbH Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerLet's Encrypt Subjectsegy.shop FingerprintEB:95:7A:90:22:94:A6:8D:13:EE:A6:CE:16:62:13:B3:B8:E5:58:43 ValidityThu, 30 Nov 2023 09:25:10 GMT - Wed, 28 Feb 2024 09:25:09 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/validate HTTP/1.1 Host: segy.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://agnieszkawesecka.pl/ Origin: https://agnieszkawesecka.pl DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 204 No Content Server: nginx/1.18.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Connection: keep-alive Cache-Control: no-cache, private Date: Fri, 01 Dec 2023 10:24:35 GMT Access-Control-Allow-Origin: * Vary: Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods: POST Access-Control-Allow-Headers: content-type Access-Control-Max-Age: 0`

	segy.shop/api/validate	152.89.246.205	204 No Content	16 kB
URL OPTIONS HTTP/1.1 segy.shop/api/validate IP 152.89.246.205:443 ASN #30823 combahton GmbH Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerLet's Encrypt Subjectsegy.shop FingerprintEB:95:7A:90:22:94:A6:8D:13:EE:A6:CE:16:62:13:B3:B8:E5:58:43 ValidityThu, 30 Nov 2023 09:25:10 GMT - Wed, 28 Feb 2024 09:25:09 GMT File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (15792), with no line terminators Size 16 kB (15792 bytes) Hash 6e3c32280ab392ba7941bc94a43d4d9f bb90b52ffe736341fa33b7de3e5b551fab06d0a8 c5e188bd2e594c4a085d78180ab62b2a37b6aa09a731b7263aeb52ff7079dccb HTTP Headers POST /api/validate HTTP/1.1 Host: segy.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 83 Origin: https://agnieszkawesecka.pl DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-cache, private Date: Fri, 01 Dec 2023 10:24:36 GMT X-RateLimit-Limit: 60 X-RateLimit-Remaining: 54 Access-Control-Allow-Origin: *`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.24.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 01 Dec 2023 10:24:37 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 533975 expires: Wed, 20 Nov 2024 10:24:37 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCPiE0LA3MJLirt5zJQu5bghmrmphXYX%2BETOoRkRzxV2snXAEGIQGY85pFFZdQ6339mdtFpKdm5Ql%2FY1egAzWF%2FZxSW%2FokYE%2F3jH22Bkt1svXmYyWNz4Qyh3sk3EqOIKC0ZRk8Zj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 82ea9f17c96c5693-OSL alt-svc: h3=":443"; ma=86400

	agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com	188.114.97.1	200 OK	21 kB
URL User Request GET HTTP/2 agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectagnieszkawesecka.pl FingerprintED:DD:EC:0A:35:7D:02:85:E0:91:DD:95:17:23:1F:83:E6:17:49:00 ValidityThu, 23 Nov 2023 03:13:02 GMT - Wed, 21 Feb 2024 03:13:01 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363), with CRLF line terminators Size 21 kB (21223 bytes) Hash 10d96cf3ea40f1d7d594fbe5920308f9 924bec48eb1b49c15401b4a30f0e3e25dd378148 4a9e857f535cf490e719ad81d0fd2e90db401ccc30afa03d3d2b385f6acd14b3 HTTP Headers GET /online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com HTTP/1.1 Host: agnieszkawesecka.pl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 01 Dec 2023 10:24:29 GMT content-type: text/html last-modified: Thu, 30 Nov 2023 21:19:15 GMT vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nNIxJlXvgVqyTMLKBvgigCBPDoniZgwH2nfgZM7IiyzuL5eXOwUQX%2FCdGyyVh68%2Bkbae5hpwI9C6wdVNIcq7aoxz%2FaVG%2Bv7CZ0AdlKtSBXvhYdJ6mA8bbpvTA00rZi06X1PrhzK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82ea9ee728e15688-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	aadcdn.msauthimages.net/c1c6b6c8-0uwo3do2gkrxj0qnhi9de28ewtzcxteogcpzuuk0bae/logintenantbranding/0/bannerlogo?ts=637418880351454065	152.199.23.72	200 OK	4.8 kB
URL GET HTTP/2 aadcdn.msauthimages.net/c1c6b6c8-0uwo3do2gkrxj0qnhi9de28ewtzcxteogcpzuuk0bae/logintenantbranding/0/bannerlogo?ts=637418880351454065 IP 152.199.23.72:443 ASN #15133 EDGECAST Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D ValidityWed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT File type PNG image data, 280 x 60, 8-bit colormap, non-interlaced\012- data Size 4.8 kB (4838 bytes) Hash 7323da36b9eadd6036512a0974f08b3e 2f10817de7dc1827e5ba2befba1387117b65b72a d789947c76e062de8396107df6f19c90235a82206c7e859d571e4e5575119973 HTTP Headers GET /c1c6b6c8-0uwo3do2gkrxj0qnhi9de28ewtzcxteogcpzuuk0bae/logintenantbranding/0/bannerlogo?ts=637418880351454065 HTTP/1.1 Host: aadcdn.msauthimages.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 5 cache-control: public, max-age=86400 content-md5: cyPaNrnq3WA2USoJdPCLPg== content-type: image/* date: Fri, 01 Dec 2023 10:24:37 GMT etag: 0x8D8911830A57F73 last-modified: Wed, 25 Nov 2020 08:00:35 GMT server: ECAcc (ska/F772) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 3921f9da-701e-0000-2740-242c32000000 x-ms-version: 2009-09-19 content-length: 4838 X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/413091016:1701425404:UzSprzAaYRBO-X3neHC3nGUxHCS7oF_6oGGdcFJTldA/82ea9eea8eb1712f/042c3242ef5c3e0	104.17.3.184		78 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/413091016:1701425404:UzSprzAaYRBO-X3neHC3nGUxHCS7oF_6oGGdcFJTldA/82ea9eea8eb1712f/042c3242ef5c3e0 IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65536), with no line terminators Size 78 kB (77770 bytes) Hash 2b629d26f9bb8301cf3cf83be89cce3f f87aa62a7ed43c3add36700513f680cbb02703ff b7ee1661ba2e4ae9cacd8eed8aaac6f9c167fcb0fa3700fd40edbc889399c1d5 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/413091016:1701425404:UzSprzAaYRBO-X3neHC3nGUxHCS7oF_6oGGdcFJTldA/82ea9eea8eb1712f/042c3242ef5c3e0 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cu91g/0x4AAAAAAANitG7_q4LMVK7c/auto/normal Content-type: application/x-www-form-urlencoded CF-Challenge: 042c3242ef5c3e0 Content-Length: 2763 Origin: https://challenges.cloudflare.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 01 Dec 2023 10:24:30 GMT content-type: text/plain; charset=UTF-8 cf-chl-gen: An6kpcrS9/eOB7oIySq0am+d09iuHOOuC6SjibFnNGXOEbElFCyhXNAWVv+kQWjVb1O6Gf34Z+Iu+5/4EZ5kC6mvRH45eX+gVarOrH+rkREWH6Rm2ZdpMGJtIrWEfh84vWDNRUixXxT7ZsJsamjWeeXUnPFGy9iCMXHELEDKh/q4/z3UTmaWf6hNY3hbCaXpOy3OjQ7i6YKJbTTfSki7yfb5piN+DO995a9KcSFT6UIMHUrpfdSWeR/r1qpx5D00mhnXEBAsXHjk4/3LrY9b+u3sK+ys550Ojsea9YMZCCG025x89k20LTkfAfONR65PQVRosBijD9CSBHNOaL/pIqKNHp3fNPOJudV2KtQseMcXt8/4wBcN/c5PQX4ca60ctn7RLnrTGAz1WI5zIIM7oGxx8nxU2FqD/k46Sfz1Jl5WDshd95jwie4t7Er2bAaHT7kOFb7PAJTt97467M6IGA==$uE8f0PFzHBo8Of21to1a+Q== server: cloudflare cf-ray: 82ea9eed7903712f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	aadcdn.msauthimages.net/c1c6b6c8-0uwo3do2gkrxj0qnhi9de28ewtzcxteogcpzuuk0bae/logintenantbranding/0/illustration?ts=637418262336466812	152.199.23.72	200 OK	267 kB
URL GET HTTP/2 aadcdn.msauthimages.net/c1c6b6c8-0uwo3do2gkrxj0qnhi9de28ewtzcxteogcpzuuk0bae/logintenantbranding/0/illustration?ts=637418262336466812 IP 152.199.23.72:443 ASN #15133 EDGECAST Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D ValidityWed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT File type PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data Size 267 kB (266991 bytes) Hash 7fb00fb3980ba457610d5f36d83dc772 09e490377e880df667b95ede4f925b739e55ebe7 863086af815c5cc340639d7b0db8d28b9030c65bd32a5d62ec3058697ad117a1 HTTP Headers GET /c1c6b6c8-0uwo3do2gkrxj0qnhi9de28ewtzcxteogcpzuuk0bae/logintenantbranding/0/illustration?ts=637418262336466812 HTTP/1.1 Host: aadcdn.msauthimages.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 5 cache-control: public, max-age=86400 content-md5: f7APs5gLpFdhDV822D3Hcg== content-type: image/* date: Fri, 01 Dec 2023 10:24:37 GMT etag: 0x8D890884C231C60 last-modified: Tue, 24 Nov 2020 14:50:34 GMT server: ECAcc (ska/F7AE) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: a582d105-001e-0004-0a40-24d9b0000000 x-ms-version: 2009-09-19 content-length: 266991 X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	152.199.23.37	200 OK	17 kB
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6 ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding age: 15925769 cache-control: public, max-age=31536000 content-md5: EuPayFgGHQiAI7K9SOL6lg== content-type: image/x-icon date: Fri, 01 Dec 2023 10:24:37 GMT etag: 0x8D8731240E548EB last-modified: Sun, 18 Oct 2020 03:02:30 GMT server: ECAcc (ska/F738) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 003b7cc6-501e-0067-4768-9344ba000000 x-ms-version: 2009-09-19 content-length: 17174 X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css	13.107.246.53	200 OK	111 kB
URL GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css IP 13.107.246.53:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 111 kB (110554 bytes) Hash ce26137fc0d9b7d7a0d52ebe3a186512 b9d7fb3fe7d08f46c2d1153bb47b13809375c663 1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385 HTTP Headers GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://agnieszkawesecka.pl DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 19953 content-type: text/css content-encoding: gzip content-md5: xg2DER+s52egaL6bUXi4hw== last-modified: Mon, 18 Apr 2022 21:18:26 GMT etag: 0x8DA2180FA29F5AF x-cache: TCP_HIT x-ms-request-id: afb3f6b4-c01e-005b-42f9-207157000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0UPtkZQAAAACj77pr2uOuRaMWZfUTcK7vQU1TMDRFREdFMTgxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= x-azure-ref: 0ZbRpZQAAAACKmQG826BUTo+KeH2/dFpUU1ZHMjBFREdFMDYxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Fri, 01 Dec 2023 10:24:36 GMT X-Firefox-Spdy: h2

	agnieszkawesecka.pl/favicon.ico	188.114.97.1	404 Not Found	27 kB
URL GET HTTP/2 agnieszkawesecka.pl/favicon.ico IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerLet's Encrypt Subjectagnieszkawesecka.pl FingerprintED:DD:EC:0A:35:7D:02:85:E0:91:DD:95:17:23:1F:83:E6:17:49:00 ValidityThu, 23 Nov 2023 03:13:02 GMT - Wed, 21 Feb 2024 03:13:01 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611) Size 27 kB (27242 bytes) Hash df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 HTTP Headers GET /favicon.ico HTTP/1.1 Host: agnieszkawesecka.pl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 404 Not Found date: Fri, 01 Dec 2023 10:24:29 GMT content-type: text/html vary: Accept-Encoding cache-control: max-age=14400 cf-cache-status: HIT age: 23 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7nBKFLMcvRcanMgPSsZdSffqaR82G9Asl%2F4OOXEmL0wGghXof3MC3GhcC8OVnigdKQm3eOSwsiXwiQn1shFIbU0KTrlmKLwS00JlzI9%2B38PE8B7nAT6DNjTljKT%2BsY5iw5R%2FmK3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82ea9eea5bcb5688-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	104.17.3.184	302 Found	34 kB
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type Size 34 kB (33876 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Fri, 01 Dec 2023 10:24:29 GMT access-control-allow-origin: * cache-control: max-age=300, public location: /turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback vary: accept-encoding server: cloudflare cf-ray: 82ea9ee8c9aa7129-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback	104.17.3.184	200 OK	34 kB
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type ASCII text, with very long lines (33875) Size 34 kB (33876 bytes) Hash 8c90f391245a994ae95e644a587c8626 7bfc99336571d0ccfe38f9e1d18cb26b4adfc316 acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7 HTTP Headers `GET /turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://agnieszkawesecka.pl/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 01 Dec 2023 10:24:29 GMT content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * cache-control: max-age=31536000 vary: Accept-Encoding server: cloudflare cf-ray: 82ea9ee8e9bc7129-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	segy.shop/cap.php	152.89.246.205	200 OK	31 kB
URL POST HTTP/1.1 segy.shop/cap.php IP 152.89.246.205:443 ASN #30823 combahton GmbH Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerLet's Encrypt Subjectsegy.shop FingerprintEB:95:7A:90:22:94:A6:8D:13:EE:A6:CE:16:62:13:B3:B8:E5:58:43 ValidityThu, 30 Nov 2023 09:25:10 GMT - Wed, 28 Feb 2024 09:25:09 GMT File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30978), with no line terminators Size 31 kB (30978 bytes) Hash b2ed6808a3fbf0230a5e35a36ffbf0c4 1c66b9f280290364382cf571fe9e9769432fb4fb 317a8bee521641671a95648e5009caae07b5411c2853cb5e0b56f1273c3ac7cc HTTP Headers POST /cap.php HTTP/1.1 Host: segy.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 647 Origin: https://agnieszkawesecka.pl DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 01 Dec 2023 10:24:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Content-Encoding: gzip`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cu91g/0x4AAAAAAANitG7_q4LMVK7c/auto/normal	104.17.3.184	200 OK	73 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cu91g/0x4AAAAAAANitG7_q4LMVK7c/auto/normal IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40091) Size 73 kB (72921 bytes) Hash 3c568921aeab3d9407088a0095033703 758ce11875d1d30e550b59f20dfe85953981915b a5b73ffdc561c12ec36dce79497d522e6b96cde87c96e2cd8d9bdd71fcb1e3e6 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cu91g/0x4AAAAAAANitG7_q4LMVK7c/auto/normal HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 01 Dec 2023 10:24:29 GMT content-type: text/html; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin document-policy: js-profiling origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin server: cloudflare cf-ray: 82ea9eea8eb1712f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg	13.107.246.53	200 OK	513 B
URL GET HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg IP 13.107.246.53:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://agnieszkawesecka.pl/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7.html?s=tobias.woelfle@eisberg.com Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators Size 513 B (513 bytes) Hash adc405f5fd089662209870ca5d2106f7 3a8b776df84bf251afc6ddd802cc5bbeddfb0e36 e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49 HTTP Headers `GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://agnieszkawesecka.pl/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 276 content-type: image/svg+xml content-encoding: gzip content-md5: TjUQkZ0p0Y7rbj6LJofS9Q== last-modified: Fri, 17 Jan 2020 19:28:34 GMT etag: 0x8D79B8371B97A82 x-cache: TCP_HIT x-ms-request-id: 4d8ee911-101e-0036-6042-0fec6e000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0SpZJZQAAAAAmBLZXYFfTSIPxFEjCT7FDQU1TMDRFREdFMTkxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= x-azure-ref: 0ZbRpZQAAAADbR7pkcykASa4LWQ2FxC1/U1ZHMjBFREdFMDUxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Fri, 01 Dec 2023 10:24:37 GMT X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (19)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP